faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Faqmanager.cgi | Faqmanager | 2.2.1 | 2.2.1 |
Faqmanager.cgi | Faqmanager | 2.2 | 2.2 |
Faqmanager.cgi | Faqmanager | 2.2.4 | 2.2.4 |
Faqmanager.cgi | Faqmanager | 2.1.1 | 2.1.1 |
Faqmanager.cgi | Faqmanager | 2.2.3 | 2.2.3 |
Faqmanager.cgi | Faqmanager | 2.0 | 2.0 |
Faqmanager.cgi | Faqmanager | 2.2.5 | 2.2.5 |
Faqmanager.cgi | Faqmanager | 2.2.2 | 2.2.2 |
Faqmanager.cgi | Faqmanager | 2.1 | 2.1 |
Faqmanager.cgi | Faqmanager | 2.1.2 | 2.1.2 |